On Tue, Dec 6, 2022 at 10:06 AM Gary Buhrmaster <gary.buhrmaster@xxxxxxxxx> wrote: > > On Tue, Dec 6, 2022 at 12:47 PM Siddhesh Poyarekar <siddhesh@xxxxxxxxxx> wrote: > > > Overall even if there is a miniscule performance overhead, I > > reckon the reward is much higher. > > I am curious how you can claim there is only a > minuscule performance overhead without doing > any benchmarks? > > I am not claiming the overheads are high, I > don't know, but I know enough to trust that > when you (yourself) said in the article: > > "We need a proper study of performance > and code size to understand the magnitude > of the impact" > > that you are making a very clear statement > that you believe that such a study is needed. > > If you do not believe that that statement > is correct, will you be issuing a correction > to the posted article saying that such a study > is no longer needed? My full comment in that blog post is: "We need a proper study of performance and code size to understand the magnitude of the impact created by _FORTIFY_SOURCE=3 additional runtime code generation. However the performance and code size overhead may well be worth it due to the magnitude of improvement in security coverage." To elaborate, I think the performance and code size study is an interesting academic concern, but the magnitude of improvement justifies whatever little performance impact this may introduce and it should not be a blocker for the improvement. > And without any benchmarks, the proposal > should acknowledge explicitly that some > unknown performance penalty may be seen, > and needs to be accepted as a trade-off for > security reasons (some may be fine with that, > others less so, but that is a different debate > to have). Sure, I could add that as a comment in the proposal. Thanks, Sid _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
